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DETAILED ACTION 

1 . Claims 1 - 1 8 are pending. 

Response to Arguments 

2. Applicant's arguments with respect to claims 1-18 have been considered but are moot in 
view of the new ground(s) of rejection. 

Double Patenting 

3. The amendments made to claims 1,17 and 18 change the scope of the claims. Therefore, 
the nonstatutory double patenting rejection has been withdrawn. 

Claim Rejections - 35 USC § 102 
The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

4. Claims 1-5, 7, 8, 10, 1 1, 14, 17 and 18 rejected under 35 U.S.C. 102(b) as being 
anticipated by Marino, Jr. et al. (Marino), U.S. Patent No. 5,029,206. 

As per claims 1, 17 and 18: 

Marino discloses a method of improving security processing in a computer network 
comprising the steps of: 

providing security processing in an operating system kernel (3:12-25, wherein encryption 
is the security processing at the kernel); 
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providing an application program which makes use of the operating system kernel during 
execution (4:1-9); 

providing security policy information (7:36-66 wherein the provided parameters are the 
security policy information); 

executing the application program (5:41-51 wherein the applications are executed when 
requests are made); and 

selectably encrypting at least one communication of the executing application program 
using the provided security processing in the operating system kernel, under conditions specified 
by the security policy information (7:36-66). 

As per claims 17 and 18, these are system and computer program versions respectively of 
the claimed apparatus discussed above in claim 1 wherein all claimed limitations have also been 
addressed and/or cited as set forth above. 

Claim Rejections - 35 USC § 103 

5. Claims 2-8, 10, 1 1 and 14 rejected under 35 U.S.C. 103(a) as being unpatentable over 
Marino as applied to claims 1 above, and further in view of Wiegel, (U.S 6,131,163). 
As per claim 2: 

Wiegel substantially teaches a method wherein the security policy information is stored 
in a security repository (9:23-27). 
As per claim 3: 

Wiegel substantially teaches a method wherein the security policy information is usable 
for more than one executing application program (9:30-35). 
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As per claim 4: 

Wiegel substantially teaches a method wherein the conditions include network addresses 
(9:41-55). 

As per claim 5: 

Wiegel substantially teaches a method wherein the network addresses specify one or 
more of server addresses and destination addresses (9:41-55). 
As per claim 6: 

Wiegel substantially teaches a security policy tree that includes the condition of a source 
or destination address. It would have been an obvious modification to include a range of 
destination addresses (9:41-55). 

As per claim 7: 

Wiegel substantially teaches a method wherein the conditions include one or more port 
numbers and/or one or more port number ranges (9:26-30). 
As per claim 8: 

Wiegel substantially teaches a method wherein the conditions include one or more job 
names (9:41-55, wherein network service acts as job names). 
As per claim 10: 

Wiegel substantially teaches a method further comprising the step of checking the 
security policy information when the executing application program establishes a connection, 
and wherein the selectably securing step communicates on that connection according to a result 
of the checking step (10:15-49). 

As per claim 1 1 : 
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Wiegel substantially teaches a method whereby communications from the executing 
application program may be secured even though the provided application program has no code 
for security processing (10:15-49). 

As per claim 14: 

Wiegel substantially teaches a method wherein the provided security processing operates 
in a Transmission Control Protocol layer of the operating system kernel (3:38-46). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to modify the invention of Marino to utilize the invention of Wiegel because Wiegel 
offers increased assurance that communications coming into and out of individual computers 
over a network are authentic (1 :47-67) which would improve upon Marino's invention of 
increasing the security of communications amongst computers at the kernel level within a 
network (1:6-39). 

6. Claims 9 and 13 rejected under 35 U.S.C. 103(a) as being unpatentable over Marino as 
applied to claim 1 above and further in view of Winiger, U.S. Patent No. 5,845,068. 
As per claim 9: 

Marino fails to teach identifiers used as conditions for the security policy. However, 
Winiger discloses utilizing source and destination machine identification numbers which would 
correspond to client identifiers since a destination or source machine would be a client (8:6-39). 

As per claim 13: 

Marino fails to teach a security policy governing communications on sockets of a port. 
However, the use of communications over sockets and ports was well known in the art at the 
time of applicant's invention as illustrated by Winiger. Winiger discloses the use of multiple 
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sockets having the same port number (9:66-10:2) and utilizing the security level of the user to 
determine whether communication can occur on that socket having that port number which is 
similar to the security level negotiations taught by Marino (7:67-8:12). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to improve upon the invention of Marino with the use of sockets and ports between 
network devices as shown in Winiger because Marino was already using network and transport 
layer security and it would have been obvious to use the improvements such as Winigers in order 
to continue to make the invention of Marino more secure (7:51-54). 

7. Claim 12 rejected under 35 U.S.C. 103(a) as being unpatentable over Marino as applied 
to claim 1 above further in view of ModJSSL. 

As per claim 12: 

Wiegel fails to disclose a method wherein the provided application program includes 
invocation of one or more security directives, and further comprising the step of executing, 
during execution of the provided application program, one or more of the invoked security 
directives. However, the Mod_SSL manual discloses a variety of security directives (lines 8-16, 
pg. 1 of chap. 3). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to utilize security directives in order to have a better understanding of how a mod_ssl 
functionality is activated (lines 3-4, pg. 1 of chap. 3). 

8. Claim 15 rejected under 35 U.S.C. 103(a) as being unpatentable over Marino as applied 
to claim 1 above further in view of Berg, PG Pub 2002/01 16605. 
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As per claim 15: 

Marino fails to teach a method wherein the provided security processing implements 
Secure Sockets Layer. However, SSL was well known in the art at the time of applicant's 
invention as exemplified by Berg. 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to utilize SSL because this is an obvious improvement to secure network 
communications that were utilized in Marino (7:51-57). 

9. Claim 16 rejected under 35 U.S.C. 103(a) as being unpatentable over Wiegel as applied 
to claim 1 above further in view of Dierk et al. (Dierk), RFC 2246. 
As per claim 16: 

TLS was well known in the art at the time the invention was made as exemplified by 
Dierks. It would have been an obvious modification, if using the invention for SSL, to upgrade 
and utilize TLS (pg. 5, item 3: Goals of this document). 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
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the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kristin Derwich whose telephone number is 571-272-7958. The 
examiner can normally be reached on Monday - Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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